CVE-2002-0788

Name of the Vulnerable Software and Affected Versions: PGP version 7.0.3

Description: The issue arises from an interaction between PGP and the Windows Encrypted File System (EFS) when the "wipe deleted files" option is used. This interaction creates cleartext temporary files that cannot be wiped or deleted due to strong permissions. As a result, certain local users or attackers with physical access could obtain cleartext information.

Recommendations: For PGP version 7.0.3, consider disabling the "wipe deleted files" option when used on Windows EFS to prevent the creation of unwipeable cleartext temporary files. Restrict access to sensitive data and ensure physical security of devices to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.